How do Joomla's access groups work? Who can submit and edit articles? Who can delete or publish articles? There are popular questions that new Joomla users ask. I created this in the process of doing training documentation for me website clients. I hope this helps out those of you who have had a hard time finding resources to explain the concept, and I'd appreciate comments and corrections.

Every Joomla web site installation has two distinct access/content zones.

Front-end

The Front-end is the web site that all visitors will see when they input the web site's URL address.

The Front-end includes the Front Page (home page) and is where all the web site Content Items, images, and the rest of the massive array of possible Content will be displayed and is accessible to the web site visitors.

Back-end(admin area)

The Back-end is the administrator's Control Panel, where Managers, Administrators, or Super Administrators log in to manage all aspects of the web site, including both features and content. Here, all the software, functionality, and security of the site installation can be managed (in conjunction with the database and web server administration functions).

The Back-end is not available to public viewing. Normal visitors to the web site will not be able to view or access the settings or configuration of your site.

To ensure that access to the two zones is kept separate, Joomla has two very separate classification levels of User Groups that match these two zones. Within each classification level there are a number of User Groups. In addition, there is a system for classifying the actual Content that each Group can view.

The following table on User Groups will clarify which User Group can access a particular Class of Content.

User(Type)

Description

Programming Knowledge required

Guest

(Front-end)

A Guest is anyone that is connected to the web site but NOT registered and/or logged in. A Guest only has access to the Front-end Content that has an Access Classification of Public.

None

Registered User

(Front-end)

Normal visitors who register at the site. Can view Menu Items that have Access Level of Registered. Cannot edit or submit articles. By default Registered Users are able to configure their own User Profile, submit a Web Link, view/rate Content Items with a Registered Classification.

None

Author

(Front-end)

The Author User Group inherits the access permissions of the Registered User Group and in addition, its members can submit new articles for approval in the Front-end only. A Publisher or higher must approve. Cannot edit existing articles.

None or Some HTML knowledge

Editor

(Front-end)

The Editor User Group inherits the access permissions of the Author User Group and, in addition, its members can submit new articles or edit all published Content Items from the Front-end only. A Publisher or higher must approve.

Some HTML knowledge

Publisher

(Front-end)

The Publisher User Group inherits the access permissions of the Editor User Group, and in addition, its members can submit, edit, or publish articles from the Front-end only. In addition the Publisher can control existing published Content Items and Unpublish them if necessary by direct entry into the Content Item itself.

*Some HTML knowledge

*Some CSS knowledge is definitely an asset.

Back-end administration User Groups -- As administration User Groups they have the access permission to log in to the web site as well as to the Administrator Back-end - via a separate log in process. They can view all Content that is Classified as Registered Access, Public Access, as well as Special Access.

Manager

(Back-end)

The Manager User Group inherits the access permissions of the Publisher User Group in the Front-end of the web site and, in addition, its members are allowed access to the Administrator Back-end (Control Panel) via a separate log in.

In the Control Panel a Manager can access the following Administrator Menus and associated functions: